Shared Hosting Has Inherent Risks. Someone posted a message on cf-talk today that quickly mushroomed into a discussion on shared hosting and the related security risks. There is nothing wrong with shared hosting, and for many applications shared hosting may be the right choice (due to the low cost). But such an environment does have inherent security risks, and it is important to understand them. Unless you are running ColdFusion on top of a J2EE server (more on that in a moment), computers run a single copy of ColdFusion. This is true of all versions of ColdFusion, starting with CF1 all the way through CFMX. . . .
Having said all this, shared hosting is not a bad thing, but it is inherently risky (this is nothing to do with CF, if you were using ASP or PHP or Perl or whatever it would be just as risky). Sites that need high security and high availability and complete control should not be using shared hosting, they need dedicated hosting. In the past this meant a dedicated box, but this is not the case anymore. Using ColdFusion on top of a J2EE server it is now possible to have multiple instances of ColdFusion in the same box. For the right clients and applications, this is the only really safe way to implement shared hosting. [Ben Forta's Blog]